Openwall GNU/*/Linux - a small security-enhanced Linux distro for servers
[<prev] [next>] [day] [month] [year] [list]
Date: Thu, 18 Apr 2019 21:34:15 +0800
From: Fuqian Huang <huangfq.daxian@...il.com>
To: oss-security@...ts.openwall.com
Subject: Linux kernel < 4.14.111 drivers/nfc/nfcmrvl/usb.c kernel address
 dumps to user space

In drivers/nfc/nfcmrvl/usb.c:164,
nfcmrvl_tx_complete will dump the address of urb to dmesg,
which allows local user to read kernel address via dmesg.

static void nfcmrvl_tx_complete(struct urb *urb)
{
    ...
    nfc_info(priv->dev, "urb %p status %d count %d\n",
         urb, urb->status, urb->actual_length);
    ...
}

In drivers/nfc/nfcmrvl/usb.c:308,
nfcmrvl_probe will dump the address of inf to dmesg,
which allows local user to read kernel address via dmesg.

static int nfcmrvl_probe(struct usb_interface *intf,
             const struct usb_device_id *id)
{
    ...
    nfc_info(&udev->dev, "intf %p id %p\n", intf, id);
    ...
}

In drivers/nfc/nfcmrvl/usb.c:368,
nfcmrvl_disconnect will dump the address of inf to dmesg,
which allows local user to read kernel address via dmesg.

static void nfcmrvl_disconnect(struct usb_interface *intf)
{
    ...
    nfc_info(&drv_data->udev->dev, "intf %p\n", intf);
    ...
}

In drivers/nfc/nfcmrvl/usb.c:375,
nfcmrvl_suspendwill dump the address of inf to dmesg,
which allows local user to read kernel address via dmesg.

static int nfcmrvl_suspend(struct usb_interface *intf, pm_message_t message)
{
    ...
    nfc_info(&drv_data->udev->dev, "intf %p\n", intf);
    ...
}


In drivers/nfc/nfcmrvl/usb.c:416,
nfcmrvl_resume dump the address of inf to dmesg,
which allows local user to read kernel address via dmesg.

static int nfcmrvl_resume(struct usb_interface *intf)
{
    ...
    nfc_info(&drv_data->udev->dev, "intf %p\n", intf);
    ...
}

Powered by blists - more mailing lists

Your e-mail address:

Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.

Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.